Back to Blog

7 Steps to Nonprofit Risk Management

Nonprofits face risk on all sides. In a March 2016 report, Oliver Wyman and SeaChange Capital Partners list some of the difficult conditions under which nonprofits must operate. Among these are:

  • Tackling society’s hardest problems
  • Limited funding
  • Increasing costs for services
  • Recruiting and retention
  • Ever-changing operating environment

These experts conclude, “It is no surprise that many nonprofits are always living close to the edge.”

Away from the edge: How to mitigate risk

Clearly, it’s impossible to avoid all risk. To do so would be to close your doors—which would leave the people or causes you serve more vulnerable than they already are. The best thing you can do is to manage the inevitable risk. KnowHowNonprofit.org, which provides community-made advice and support for nonprofit organizations, offers a seven-step risk management process.

1. Identify your risks. The British-based Charity Commission recommends that you review risks under the headings of governance, external, regulatory, financial, and operational. These classifications can be used as a framework, as you think about the risks in relation to each of your strategic objectives.

2. Analyze the risks. This involves giving a score for the likelihood of occurrence and impact of each risk on your organization:

a. Likelihood is rated on a 1 (rare) to 5 (certain) scale.

b. Impact also uses a 1 to 5 scale, with 1 being insignificant and 5 being major. Measuring impact also considers the possible consequences if a risk occurs, such as the impact on service and reputation, possible complaints, and chances for litigation.

The initial risk score is calculated by multiplying the impact score by the likelihood score. This gives you a level of risk (low, medium, high) and the corresponding level within your organization that should take action (staff, management, or board).

3. Prioritize the risks. Use your risk rating score to identify which risks to address. A cutoff point can be helpful here—a level above which you’ll manage the risk and below which you won’t. You may decide, for example, to manage the top five risks or those that score six points or more.

4. Determine your risk appetite. How much risk are you willing to accept to pursue your objectives? This might change depending on the activity. In this step, consider the top 10 risk you’re managing. For each,

5. Reduce and control the risks. You want to control the level of each risk to an acceptable level. Your board should work with the people who “own” the risk to consider all the controls that are in place to reduce its likelihood or impact. After listing these controls, you can re-score the likelihood and impact of that risk to determine a residual risk score.

6. Give assurance. Make sure these controls are performing as expected. You can ask the risk “owner” to periodically confirm that the controls are effective. Internal or external auditors can also provide this assurance.

7. Monitor and review risks. Risks are always evolving, so the way you manage them will also change. Thus, it’s good practice to tie the monitoring and review process to your strategic and operational planning. You may choose to do an in-depth review of a specific risk at each board meeting, which gives trustees a detailed understanding of your risks and controls—and helps assure them that risk is being effectively managed.

Mitigating risk with technology

Risk management, in large part, is about control. That’s where cloud fund accounting software such as Sage Intacct can help. It decentralizes the planning and control process, so you can achieve a granular level of accuracy. Setting budgets for each event, campaign, program, and funder—and then tracking the actuals—creates tighter controls and helps prevent unexpected outcomes.

Another excellent risk management strategy is relying on the nonprofit technology experts at JMT Consulting. We help deliver the financial, development, and productivity solutions that you need to manage risk and achieve mission success. Want to learn more? We’re only a phone call or email away.

Related Posts:
Nonprofit CFOs Shape their Legacy by Defining and Communicating the Big Picture
October 15, 2019
Nonprofit CFOs Shape their Legacy by Defining and Communicating the Big Picture

You are the CFO of a nonprofit that’s focused on long-term mission fulfillment, financial sustainability, and organizational independence. How do you guarantee that your legacy is aligned with the organization’s long-term success? You may have thought that years of successfully ensuring your debits equaled your credits, that audits ran smoothly, and that financial reports were…

Adaptive Acquisition Update: A Letter from JMT
June 13, 2018
Adaptive Acquisition Update: A Letter from JMT

Like many of you, we too learned yesterday about the acquisition of Adaptive Insights Inc. by Workday Inc. Here at JMT, an event such as this is a reminder of the fluidity of the fast-paced world we live in today and of the importance for us to remain focused on JMT’s mission, to do all…

Paving the Way to Sustainability
July 27, 2017
Paving the Way to Sustainability

Through Improved Grant Management for Community Action Agencies Community Action Agencies (CAA) are a special breed of nonprofit agencies. They are the primary source of direct support for the more than 34.5 million people living in poverty in the United States. Community Action Agencies and Head Start Programs serve more than 16 million individuals and…

The True Costs of Nonprofit Budgeting with Excel
February 23, 2018
The True Costs of Nonprofit Budgeting with Excel

Excel is the go-to reporting and budgeting tool for countless finance teams, including financial planning and analysis (FP&A) professionals. In fact, there are more than one billion users worldwide—that’s about one in seven people! Excel is comfortable and familiar, but for growing nonprofits, it can be a real drag on your budgeting processes and productivity….

 Back to Blog